메인 내용으로 이동

Sandbox

sandbox attribute in iframe

  • treat the content as being from a unique origin
  • block form submission
  • block script execution
  • disable APIs
  • prevent links from targeting other browsing contexts
  • prevent content from using plugins (through <embed>, <object>, <applet>, or other)
  • prevent the content from navigating its top-level browsing context
  • block automatically triggered features (such as automatically playing a video or automatically focusing a form control)

References